The cybersecurity workforce needs to grow — by a lot, according to industry experts.
(ISC)2 — the world’s largest nonprofit association of cybersecurity professionals —said last week the 2019 (ISC)² Cybersecurity Workforce Study that the industry needs to grow its workforce by 145% to close the cybersecurity workforce gap and better defend businesses and governments from cyber attacks.
(ISC)2 estimates the current cybersecurity workforce at about 2.8 million, but that needs to more than double, as the industry is more than 4 million cybersecurity professionals short.
The situation isn’t as dire in the U.S., which currently has a cyber workforce of 804,700, but still nearly 500,000 short, a required increase of 62%.
This should be troubling information for all managed service providers and device makers as there are expected to be more than 34 billion connected devices by 2025, giving hackers and data thieves an even bigger target.
Hackers are also becoming more adept and precise, writing and using programs to access smartphones and other mobile devices. According to Kaspersky Lab, mobile attacks doubled in 2018, which should concern all cybersecurity and IT professionals.
One telling finding from the study is that just 42% of respondents said they began their professional careers in cybersecurity, meaning the majority moved into the field from other disciplines.
Cybersecurity and IT firms should focus their efforts on targeting new-to-the-workforce generations who are already armed with the knowledge of new technologies and can stay ahead of trends in cyber attacks.
To help close the cybersecurity workforce gap, (ISC)2 suggests four main actions to build the workforce and recruit new talent:
- Highlight training and professional development opportunities that contribute to career advancement
- Properly level setting on applicant qualifications to make sure the net is cast wide for undiscovered talent
- Attracting young workers and recent college graduates with tangential degrees to cybersecurity or hiring season professionals like consultants and contractors into full-time positions
- Strengthen from within via career development and cross-training existing IT professionals with transferable skills
There was good news for the field, as two-thirds of respondents said they were at least somewhat satisfied with their career choice, and 65% said they intend to work in cybersecurity for their entire careers.